
In this post, I’ll provide an explanation of the following challenges networks may encounter:
1.1.c Explain general network challenges
1.1.c (i) Unicast flooding
1.1.c (ii) Out of order packets
1.1.c (iii) Asymmetric routing
1.1.c (iv) Impact of micro burst
Unicast flooding is itself a normal and necessary switching process. When a unicast frame arrives on a particular VLAN and the destination MAC address is not in the CAM table, the switch floods the frame out of all forwarding ports in that VLAN. Flooding continues until the host with the destination IP responds, which lets the switch add the matching MAC-address-to-port association to the CAM table.
Undesired unicast flooding (continuous flooding) can be caused by asymmetric routing, forwarding table overflow, or STP topology changes:
1. Asymmetric routing occurs when traffic is sent along one particular path but the return traffic does not take exactly the reverse path; i.e. the return path hops are not identical to the forward path hops (the trace route from src to dst differs from the one from dst to src). <NEEDS TO BE REVISITED>
2. Forwarding table overflow is when new addresses cannot be learned because the CAM table is full, and new entries can be learned only after earlier entries expire from the CAM table. Port security can be configured on individual ports to restrict the number of mac-addresses.
router(config-if)#switchport port-security
router(config-if)#switchport port-security maximum <# of mac-addresses per port>
router(config-if)#switchport port-security violation restrict
3. STP topology changes use TCNs (Topology Change Notifications) to allow the layer 2 port for destination MAC addresses to be relearned by shortening the forwarding table aging timer. If a MAC address is not relearned from incoming frames, it is aged out and flooding occurs (to relearn the layer 2 port mapping for the destination MAC address).
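The forwarding table overflow case in item 2, as an added example that is not part of the original post: a toy Python model of a switch with a fixed-size CAM table, run once without port security and once with a per-port MAC limit in restrict mode. The class, the MAC addresses, the table size of 8 and the limit of 2 are constructed for illustration, and the model assumes one VLAN and no aging timer.

```python
"""Toy model (added example): fixed-size CAM table, one VLAN, no aging timer."""


class Switch:
    def __init__(self, ports, cam_size, port_max=None):
        self.ports = list(ports)
        self.cam_size = cam_size      # total CAM entries available
        self.port_max = port_max      # models "switchport port-security maximum"
        self.cam = {}                 # learned MAC -> port
        self.violations = 0           # frames dropped by "violation restrict"

    def receive(self, in_port, src, dst):
        """Process one frame; return the list of egress ports ([] if dropped)."""
        if src not in self.cam:
            on_port = sum(1 for p in self.cam.values() if p == in_port)
            if self.port_max is not None and on_port >= self.port_max:
                self.violations += 1  # restrict: drop the frame and count it
                return []
            if len(self.cam) < self.cam_size:
                self.cam[src] = in_port   # learn only while there is room
        if dst in self.cam:
            return [self.cam[dst]]        # known unicast: one egress port
        return [p for p in self.ports if p != in_port]  # unknown unicast: flood


HOST_A, HOST_B = "02:00:00:00:01:0a", "02:00:00:00:02:0b"  # constructed MACs


def scenario(port_max):
    """Port 4 presents 20 source MACs, then A (port 1) and B (port 2) talk."""
    sw = Switch(ports=[1, 2, 3, 4], cam_size=8, port_max=port_max)
    for i in range(20):
        sw.receive(4, f"02:00:00:00:04:{i:02x}", HOST_A)
    sw.receive(1, HOST_A, HOST_B)          # B not learned yet: flooded either way
    reply_ports = sw.receive(2, HOST_B, HOST_A)
    return reply_ports, len(sw.cam), sw.violations


if __name__ == "__main__":
    # Each result is (egress ports of B's reply, CAM entries used, violations).
    print("no port security:", scenario(None))
    print("maximum 2 per port:", scenario(2))
```

Without the limit, port 4 fills the table, A and B are never learned, and B's reply to A is flooded to every other port. With the limit, the table keeps room for A and B and the reply leaves on A's port only.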
Out-of-order packets occur when there are multiple paths to a particular destination and packets arrive at the destination host out of order. They can also result from a shortcoming of network equipment that has parallel processing pathways without a mechanism to deliver the packets in the correct order. TCP is designed to address this by requesting retries on a particular stream for the out-of-order packets, or by reassembling the packets in the correct order.
A micro-burst can be defined as an uncharacteristic rapid increase in the number of segments transmitted at line rate in response to a received acknowledgement or another single event. I’m presuming that if the queuing buffer has reached its full capacity, the packets that were dropped would be retransmitted.